[pmwiki-users] Persistent attacks on pages
Pico
pmwiki at ben-amotz.com
Wed Apr 26 10:35:21 CDT 2006
> From: "Patrick R. Michaud" <pmichaud at pobox.com>
> On Sun, Apr 23, 2006 at 11:23:18AM -0400, Neil Herber wrote:
> > At 2006-04-23 11:13 AM -0400, Pico is rumored to have said:
> > >b. Password Protecting the page would make it harder for people to add
> > >comments. On the other hand, maybe the comments should be broken off to
> > >a separate page, leaving the basic recipe to be password protected.
> > >That has other benefits for this page because its comments have included
> > >long lines of literal text that throws off the screen size.
> >
> > I would suggest password protecting the page, but revealing the
> > password in plain text on the page so that humans can read it. The
> > type of attack you are describing sounds like a robot or zombie, and
> > they don't bother password protected pages as a general rule.
> >
> > Example: "To edit this page, you need to use the password 'zxcv'
> > without the quotes." Put this somewhere near the top of the page.
>
> Even better, just protect the page with PmWiki's site password ("quick").
>
> Pm
Ok, I went ahead and password protected the page with PmWiki's site password ("quick").
I also went ahead and moved the comments over to a new page called ToDo-Comments for the reasons explained above: accessibility, page size and tendency of ToDo comments to include long lines of literals.
Pico
More information about the pmwiki-users
mailing list